#!/bin/bash
# Atomic Secured Linux
# Copyright Atomicorp, 2021
# License: Commercial
# Summary:  AUM Installer
# Name: aum
# License: Commercial. Unauthorized redistribution prohibited.

INSTALLER_VER=6.0.0
export LANG=C

SERVER=www.atomicorp.com
ARCH=`uname -i`
GET=/usr/bin/wget
ROOT_UID="0"
LOG=/root/tortix-install.log
DATE=$(date +%Y%m%d-%H:%M)
TYPE=$1
PLESK_PATH=$(grep PRODUCT_ROOT_D /etc/psa/psa.conf | cut -d " " -f 2)

function detect_downloader() {
        if [ -f /bin/curl ]; then
                GET="/bin/curl -s -O"
        elif [ -f /usr/bin/curl ]; then
                GET="/usr/bin/curl -s -O"
        elif [ -f /usr/local/bin/curl ]; then
                GET="/usr/local/bin/curl -s -O"
        elif [ -f /bin/wget ]; then
                GET="/bin/wget -q"
        elif [ -f /usr/bin/wget ]; then
                GET="/usr/bin/wget -q"
        else
                echo "Error: downloader not detected. Exiting"
                exit 1
        fi
}


#Check if run as root
# For environments that do not use bash.
if [ ! "$UID" ]; then
        UID=`id -u`
fi

if [ "$UID" -ne "$ROOT_UID" ] ; then
        echo "ERROR: You must be root to run this program."
        exit 1
fi

if [ -f /root/awp.cfg ]; then
	AUTO=1
	. /root/awp.cfg
elif [ -f "$PLESK_PATH/var/modules/aum-installer/awp.cfg" ]; then
    AUTO=1
    . $PLESK_PATH/var/modules/aum-installer/awp.cfg
fi

echo "Environment" >> $LOG
env >>$LOG

app_error() {
    RETVAL=$1
    MSG=$2
    if [ $RETVAL -ne 0 ];then
        echo "ERROR: $MSG" >> $LOG
        echo
        echo "  ERROR: $MSG"
        echo "  exiting..."
        echo
        exit 1
    fi
}

if [ -f /etc/redhat-release ]; then
	RELEASE=/etc/redhat-release
elif [ -f /etc/os-release ]; then
	RELEASE=/etc/os-release
elif [ -f /etc/openvz-release ]; then
	RELEASE=/etc/openvz-release
elif [ -f /etc/virtuozzo-release ]; then
    RELEASE_FILE=/etc/virtuozzo-release
elif [ -f /etc/SuSE-release ]; then
	RELEASE=/etc/SuSE-release
elif [ -f /etc/lsb-release ]; then
	RELEASE=/etc/lsb-release
elif [ -f /etc/debian_version ]; then
	RELEASE=/etc/debian_version
else
	echo "Error: unable to identify operating system"
	exit 1
fi



PKG=rpm
if [[ $OSTYPE == "aix"* ]]; then
	PKG=aix
elif egrep -q "(release 5)" $RELEASE ; then
	DIST="el5"
	DIR=centos/5
elif egrep -q "(release 6|release 2012)" $RELEASE ; then
	DIST="el6"
	DIR=centos/6
elif egrep -q "(release 7|release 2014)" $RELEASE ; then
	DIST="el7"
	DIR=centos/7
elif egrep -q "(release 8)" $RELEASE ; then
	DIST="el8"
	DIR=centos/8
elif egrep -q "(release 9)" $RELEASE ; then
    DIST="el9"
    DIR=centos/9
elif egrep -q "Red Hat Enterprise Linux.* 7" $RELEASE ; then
	DIST="el7"
	DIR=redhat/7
elif egrep -q "Red Hat Enterprise Linux.* 8" $RELEASE ; then
	DIST="el8"
	DIR=redhat/8
elif egrep -q "(Amazon Linux 2)" $RELEASE; then
	DIST="amazon"
	DIR=amazon/2
elif egrep -q "(Amazon Linux AMI|Amazon)" $RELEASE ; then
	DIST="el6"
	DIR=centos/6
elif egrep -q "wheezy" $RELEASE ; then
	DIST="debian"
	DIR="wheezy"
	PKG=deb
	ARCH=$(dpkg --print-architecture)
elif egrep -q "jessie" $RELEASE ; then
	DIST="debian"
	DIR="jessie"
	PKG=deb
	ARCH=$(dpkg --print-architecture)
elif egrep -q "stretch" $RELEASE ; then
	DIST="debian"
	DIR="stretch"
	PKG=deb
	ARCH=$(dpkg --print-architecture)
elif egrep -q "lucid" $RELEASE ; then
	DIST="debian"
	DIR="lucid"
	PKG=deb
	ARCH=$(dpkg --print-architecture)
elif egrep -q "precise" $RELEASE ; then
	DIST="debian"
	DIR="precise"
	PKG=deb
	ARCH=$(dpkg --print-architecture)
elif egrep -q "Raring Ringtail" $RELEASE ; then
	DIST="debian"
	DIR="raring"
	PKG=deb
	ARCH=$(dpkg --print-architecture)
elif egrep -q "Trusty Tahr" $RELEASE ; then
	DIST="ubuntu"
	DIR="trusty"
	PKG=deb
	ARCH=$(dpkg --print-architecture)
elif egrep -q "Xenial" $RELEASE ; then
	DIST="ubuntu"
	DIR="xenial"
	PKG=deb
	ARCH=$(dpkg --print-architecture)
elif egrep -q "Bionic" $RELEASE ; then
	DIST="ubuntu"
	DIR="bionic"
	PKG=deb
	ARCH=$(dpkg --print-architecture)
elif egrep -q "Focal Fossa" $RELEASE; then
	DIST="ubuntu"
	DIR="focal"
	PKG=deb
	ARCH=$(dpkg --print-architecture)
elif egrep -q "buster" $RELEASE ; then
	DIST="debian"
	DIR="buster"
	PKG=deb
	ARCH=$(dpkg --print-architecture)
elif egrep -q "bullseye" $RELEASE ; then
	DIST="debian"
	DIR="bullseye"
	PKG=deb
	ARCH=$(dpkg --print-architecture)
elif egrep -q "openSUSE Leap" $RELEASE; then
	DIST="suse15"
	DIR="opensuse/15.1"
	PKG=zypper
elif egrep -q "Jammy" $RELEASE ; then
    DIST="jammy"
    DIR=ubuntu
    PKG=deb2
else
	echo "Error: Unable to determine distribution type. Please send the contents of $RELEASE to support@atomicorp.com"
	exit 1
fi

detect_downloader

gpg_key_install () {
  echo "Installing the Atomic GPG key: " |tee -a $LOG
  path_file="RPM-GPG-KEY.atomicorp.txt"
  path_target=$1

  if [ ! -f $path_target$path_file ]; then
    if [ ! -d $path_target ]; then
      mkdir -p $path_target
    fi
    if [ ! -f $path_file ]; then
      $GET https://www.atomicorp.com/RPM-GPG-KEY.atomicorp.txt >> $LOG 2>&1
    fi
    mv $path_file $path_target$path_file
  fi
}

yum_install () {
	if [ ! -f /usr/bin/yum ]; then
		echo
		echo "Error: Yum was not detected. Contact your provider for support." | tee -a $LOG
		echo
		exit 1
	fi

	## yum, make sure yum is up to date
	echo -n "Ensuring yum is up to date: " | tee -a $LOG
	/usr/bin/yum -y upgrade yum >> $LOG 2>&1
	echo "Done" | tee -a $LOG

    gpg_key_install /etc/pki/rpm-gpg/

	if [ ! -d /etc/asl ]; then
		mkdir /etc/asl
	fi

	cat  << EOF > /etc/yum.repos.d/tortix-common.repo
[tortix-common]
name=Atomicorp - \$releasever - Atomic Secured Linux
mirrorlist=http://updates.atomicorp.com/channels/mirrorlist/tortix-common/centos-\$releasever-\$basearch
priority=1
enabled=0
gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY.atomicorp.txt
gpgcheck=1

[tortix-common-testing]
name=Atomicorp - \$releasever - Atomic Secured Linux
mirrorlist=http://updates.atomicorp.com/channels/mirrorlist/tortix-common-testing/centos-\$releasever-\$basearch
priority=1
enabled=0
gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY.atomicorp.txt
gpgcheck=1

EOF

  if [ "$TYPE" = "beta" ]; then
    yum --enablerepo=tortix-common-testing  -y install aum | tee -a $LOG
  else
    yum --enablerepo=tortix-common -y install aum | tee -a $LOG
  fi

	if [ $? -ne 0 ]; then
		echo
		echo "Error: Could not install Aum" |tee -a $LOG
		exit 1
	fi

}

deb_install () {
    gpg_key_install /usr/share/keyrings/
    if [[ $PKG == "deb2" ]]; then
        echo "deb [signed-by=/usr/share/keyrings/RPM-GPG-KEY.atomicorp.txt] https://updates.atomicorp.com/channels/tortix-common/$DIR $DIST/amd64/ " > /etc/apt/sources.list.d/tortix-common.list
        if [[ $BETA -eq 1 ]]; then
            echo "deb [signed-by=/usr/share/keyrings/RPM-GPG-KEY.atomicorp.txt] https://updates.atomicorp.com/channels/tortix-common-testing/$DIR $DIST/amd64/ " > /etc/apt/sources.list.d/tortix-common-testing.list
        fi
    else
        echo "deb https://updates.atomicorp.com/channels/tortix-common/debian $DIST main" > /etc/apt/sources.list.d/tortix-common.list
    fi

    if [ ! -f /usr/bin/gpg ]; then
        apt -y install gpg
        app_error $? "apt failed to install gpg"
    fi

    /usr/bin/apt-get update
    app_error $? "apt failed to update repodata"

    /usr/bin/apt update
    app_error $? "apt update could not complete"

    /usr/bin/apt -y install aum
    app_error $? "apt installation failed"
}

if [ "$PKG" = "rpm" ]; then
	yum_install
elif [[ $PKG == deb* ]]; then
    deb_install
fi